Product
gambio
10 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2024-23763
CVE-2024-23762
CVE-2024-23761
CVE-2024-23760
CVE-2024-23759
CVE-2020-10985
CVE-2020-10984
CVE-2020-10983
CVE-2020-10982
CVE-2010-4954
all versions
SQL Injection vulnerability in Gambio through 4.9.2.0 allows attackers to run arbitrary SQL commands via crafted GET request using
all versions
Unrestricted File Upload vulnerability in Content Manager feature in Gambio 4.9.2.0 allows attackers to execute arbitrary code via
all versions
Server Side Template Injection in Gambio 4.9.2.0 allows attackers to run arbitrary code via crafted smarty email template.
all versions
Cleartext Storage of Sensitive Information in Gambio 4.9.2.0 allows attackers to obtain sensitive information via error-handler.lo
all versions
Deserialization of Untrusted Data in Gambio through 4.9.2.0 allows attackers to run arbitrary code via "search" parameter of the P
< 4.0.1.0
Gambio GX before 4.0.1.0 allows XSS in admin/coupon_admin.php.
< 4.0.1.0
Gambio GX before 4.0.1.0 allows admin/admin.php CSRF.
< 4.0.1.0
Gambio GX before 4.0.1.0 allows SQL Injection in admin/mobile.php.
< 4.0.1.0
Gambio GX before 4.0.1.0 allows SQL Injection in admin/gv_mail.php.
all versions
SQL injection vulnerability in product_reviews_info.php in xt:Commerce Gambio 2008 allows remote attackers to execute arbitrary SQ